Upload
vantu
View
213
Download
0
Embed Size (px)
Citation preview
Non-Financial Risk (NFR)
2017 Deloitte
Holistic approach: “An end-to-end and common approach to managing risk, starting with a link to the risk appetite framework,
an inventory of risks and relevant controls, a consistent quantitative and qualitative assessment approach, and concluding with
the ability to provide feedback and enhance the process.”
COMPONENTS AND GOALS
NFRManagementFramework
NFR Measurement & MonitoringMethodology
RiskIdentification
& Taxonomy
Deloitte’s Non-Financial Risk Management Framework will allow Financial Institutions to:
• Link NFRs to the bank´s Risk Appetite Framework (“RAF”) and articulate a more detailed Risk Appetite Statement (“RAS”)
• Articulate and communicate the NFR approach and resulting impact and benefits on risk culture and conduct
• Quantify relevant NFRs, define related limits, thresholds and triggers
• Assign clear roles and responsibilities
• Strengthen top-down communication, bottom-up reporting and external disclosure
• Extend NFR to all supporting policies, processes and controls and identify required technologies
Supervisory expectations
Understanding of the bank’sNFR profile
Capital requirements
Meet or even surpass evolving supervisory expectations
Translate understanding of the NFR and risk management capability improvements into reduced cost of compliance and economic capital
Demonstrate a comprehensive understanding and enhanced control of the bank’s NFR profile
NFR TAXONOMY (Extract)
PERFORMANCE DRIVERS AND METRICS
Do the organizational culture and risk structures cover all risks including NFRs?
01
Does the framework provide the data and transparency to understand the risk profile of the organization and does it improve the decision-making process related to risk?
02
Does the framework provide complete evidence for internal and external parties that risk is properly identified and managed?
03
Risk Class Category
Financial Risk
• Credit Risk
• Market Risk
• Interest rate Risk in the Banking Book
• Liquidity Risk
Non-Financial Risk
External Market Risk
• Operational Risk
• Compliance Risk
• Conduct Risk
• IT Risk
• Cyber Risk
• Model Risk
• Third-party Risk
• Strategic Risk
• Systemic Risk
• Reputational Risk
KEY QUESTIONS POTENTIAL ECONOMIC CAPITAL IMPLICATIONS
Source: Deloitte Banking Risk Intelligence Map@-extract; Draft as of July 2017, subject to change.
Pillar I
Capital Requirements
Regulatory Calculation
Pillar III
Disclosure
Transparency
Pillar II
Stress testing(e.g. CCAR-US, SREP-EU)
Capital adequacy level
Implications of non-financial risk management
• Tentatively, the regulatory calculation would not be affected by the proactive management of the NFR
• Improvement in the image and reputation
• Potential for increased investor and stakeholder confidence
• Management improvements increases alignment with real capital needs
• Improved internal control & capital scores
• Avoid or reduce add-on
Non-Financial Risk (NFR)
2017 Deloitte
MEASURING AND MONITORING NFR
QUALIFICATIONS
COMPONENTS OF AN INTEGRATED NFR IMPLEMENTATION FRAMEWORK
Culture
Interpret and implement the legislation in banking context
Efficient interpretation and translation of legislation into bank-specific terminology and data sourcing
International team and global network
Bring best practices for international banks based on Deloitte’s understanding of the varying local requirements and data delivery approaches resulting from the scope changes as adopted by local Competent Authorities
BUCF
Collaboration on an international level through the Banking Union Center in Frankfurt (BUCF) and the EMEA Center for Regulatory Strategy (ECRS) providing fundamental views on regulatory changes and issues
Expert knowledge of Operational Risk
In-depth knowledge and understanding of Basel regulations
Experienced professionals
Senior professionals with broad-based and relevant experiences in regulation, audit and advisory
Combination of quantitative and qualitative approaches to reach a score:
The Three Lines of Defense have an integrated role in the framework; results can be used as inputs for capital calculations, with potential substantial benefits.
Technology
Firms should consider using innovative tools and techniques to monitor and control risks
Reporting
Common reporting framework, where risks are monitored and communicated consistently across all lines of defense
Risk Appetite
The entity should identify its potential NFRs and decide how much it is capable and willing to assume
Governance
Entities should adapt the governance to include NFRs
Measurement and monitoring
A qualitative and quantitative methodology is necessary in order to measure and monitor NFRs; as an emerging discipline, Non-Financial Risk Managers will be obliged to create and implement a methodology relatively quickly
Risk ID
The experience with operational risk is that banks’ capabilities can inhibit timely identification and mitigation of new and emerging risk types; this could be an early challenge for Non-Financial Risk Managers
Supervision and control model
The ability to leverage a rationalized inventory of controls across a wider spectrum of risks and processes is likely to result in cost and efficiency benefits that can support the business case and early buy-in
Supported and enhanced by Deloitte`s Non-Financial Risk Management Framework
Risk
Assessment
System
Control level
gap analysis
Qualitative gap
analysis
(integration into
management)
Target
model and
definition
of action
plan
Score
obtained
Score
obtained
RAF
Final score Reporting
Quantitative
measurement -
level of control
Qualitative
measurement -
questionnaires
Processes
Controls
Risks
Target model and action plan2Measurement and monitoring of NFR1
Qualitative assessment
• Combines results from the processes and control map quantification with management questionnaires
Quantitative assessment
• Considers different KRIs for each eligible Risk Category and Sub-Category
• Aims to avoid subjectivity through a frequency and impact quantification
Europe’s most ambitious integration project since the Euro.
The Banking Union initiative represents a fundamental innovation in supervision of financial services with significant consequences for the structure of the banking sector in the Eurozone and beyond, affecting business models and strategies.